Skip to main content
SpringerLink
Log in

Conqueror: Tamper-Proof Code Execution on Legacy Systems

  • Conference paper
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6201))

Abstract

We present Conqueror, a software-based attestation scheme for tamper-proof code execution on untrusted legacy systems. Beside providing load-time attestation of a piece of code, Conqueror also ensures run-time integrity. Conqueror constitutes a valid alternative to trusted computing platforms, for systems lacking specialized hardware for attestation. We implemented a prototype, specific for the Intel x86 architecture, and evaluated the proposed scheme. Our evaluation showed that, compared to competitors, Conqueror is resistant to static and dynamic attacks and that our scheme represents an important building block for realizing new security systems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Grawrock, D.: Dynamics of a Trusted Platform: A Building Block Approach. Intel Press, Hillsboro (2009)

    Google Scholar 

  2. Garay, J.A., Huelsbergen, L.: Software integrity protection using timed executable agents. In: Proceedings of the 2006 ACM Symposium on Information, computer and communications security, ASIACCS (2006)

    Google Scholar 

  3. Seshadri, A., Perrig, A., van Doorn, L., Khosla, P.: Swatt: Software-based attestation for embedded devices. In: Proceedings of the IEEE Symposium on Security and Privacy (2004)

    Google Scholar 

  4. Seshadri, A., Luk, M., Perrig, A., van Doorn, L., Khosla, P.: Scuba: Secure code update by attestation in sensor networks. In: Proceedings of the ACM Workshop on Wireless Security, WiSe (2006)

    Google Scholar 

  5. Seshadri, A., Luk, M., Perrig, A.: SAKE: Software attestation for key establishment in sensor networks. In: Nikoletseas, S.E., Chlebus, B.S., Johnson, D.B., Krishnamachari, B. (eds.) DCOSS 2008. LNCS, vol. 5067, pp. 372–385. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  6. Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: Verifying integrity and guaranteeing execution of code on legacy platforms. In: Proceedings of ACM Symposium on Operating Systems Principles, SOSP (2005), http://www.cs.cmu.edu/~arvinds/pioneer.html

  7. Shaneck, M., Mahadevan, K., Kher, V., Kim, Y.: Remote software-based attestation for wireless sensors. In: Molva, R., Tsudik, G., Westhoff, D. (eds.) ESAS 2005. LNCS, vol. 3813, pp. 27–41. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  8. AMD, Inc.: AMD Virtualization, http://www.amd.com/virtualization

  9. Wurster, G., van Oorschot, P.C., Somayaji, A.: A Generic Attack on Checksumming-Based Software Tamper Resistance. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy (2005)

    Google Scholar 

  10. Intel, Inc.: Intel Virtualization Technology, http://www.intel.com/technology/virtualization/

  11. Klimov, A., Shamir, A.: A New Class of Invertible Mappings. In: Proceedings of the 4th International Workshop on Cryptographic Hardware and Embedded Systems (2003)

    Google Scholar 

  12. Robin, J.S., Irvine, C.E.: Analysis of the Intel Pentium’s Ability to Support a Secure Virtual Machine monitor. In: Proceedings of the 9th USENIX Security Symposium (2000)

    Google Scholar 

  13. Giffin, J., Christodorescu, M., Kruger, L.: Strengthening software self-checksumming via self-modifying code. In: Proceedings of the 21st Annual Computer Security Applications Conference, ACSAC (2005)

    Google Scholar 

  14. Dai Zovi, D.: Hardware Virtualization Based Rootkits. Black Hat USA (2006), http://blackhat.com/presentations/bh-usa-06/BH-US-06-Zovi.pdf

  15. Rutkowska, J.: Subverting Vista Kernel For Fun And Profit. Black Hat USA, http://www.blackhat.com/presentations/bh-usa-06/BH-US-06-Rutkowska.pdf

  16. Garfinkel, T., Adams, K., Warfield, A., Franklin, J.: Compatibility is Not Transparency: VMM Detection Myths and Realities. In: Proceedings of the 11th Workshop on Hot Topics in Operating Systems (HotOS-XI) (2007)

    Google Scholar 

  17. Linn, C., Debray, S.: Obfuscation of Executable Code to Improve Resistance to Static Disassembly. In: Proceedings of the 10th ACM conference on Computer and communications security, CCS (2003)

    Google Scholar 

  18. Sun Microsystems, Inc.: Sun xVM VirtualBox, http://www.virtualbox.org/

  19. Hex-Rays: IDA Pro., http://www.hex-rays.com/idapro/

  20. Castelluccia, C., Francillon, A., Perito, D., Soriente, C.: On the Difficulty of Software-Based Attestation of Embedded Devices. In: Proceedings of the 16th ACM conference on Computer and Communications Security, CCS (2009)

    Google Scholar 

  21. Kennell, R., Jamieson, L.H.: Establishing the genuinity of remote computer systems. In: Proceedings of the 12th USENIX Security Symposium (2003)

    Google Scholar 

  22. Shankar, U., Chew, M., Tygar, J.: Side effects are not sufficient to authenticate software. In: Proceedings of the 13th USENIX Security Symposium (2004)

    Google Scholar 

  23. Chen, B., Morris, R.: Certifying Program Execution with Secure Processors. In: Proceedings of the 9th conference on Hot Topics in Operating Systems (2003)

    Google Scholar 

  24. Shi, E., Perrig, A., Van Doorn, L.: BIND: A Fine-Grained Attestation Service for Secure Distributed Systems. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy (2005)

    Google Scholar 

  25. Trusted Computing Group: http://www.trustedcomputinggroup.org/

  26. Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and Implementation of a TCG-based Integrity Measurement Architecture. In: Proceedings of the 13th USENIX Security Symposium (2004)

    Google Scholar 

  27. Kauer, B.: OSLO: Improving the Security of Trusted Computing. In: Proceedings of 16th USENIX Security Symposium (2007)

    Google Scholar 

  28. Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: a Virtual Machine-based Platform for Trusted Computing. In: Proceedings of the nineteenth ACM symposium on Operating systems principles (2003)

    Google Scholar 

  29. McCune, J.M., Parno, B., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: An execution infrastructure for tcb minimization. In: Proceedings of the ACM European Conference in Computer Systems, EuroSys (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Università degli Studi di Udine,  

    Lorenzo Martignoni

  2. Università degli Studi di Milano,  

    Roberto Paleari & Danilo Bruschi

Authors
  1. Lorenzo Martignoni
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Roberto Paleari
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Danilo Bruschi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. International Computer Science Institute, Berkeley, USA

    Christian Kreibich

  2. Research Establishment for Applied Science (FGAN), Research Institute for Communication, Information Processing and Ergonomics (FKIE), Wachtberg, Germany

    Marko Jahnke

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Martignoni, L., Paleari, R., Bruschi, D. (2010). Conqueror: Tamper-Proof Code Execution on Legacy Systems. In: Kreibich, C., Jahnke, M. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2010. Lecture Notes in Computer Science, vol 6201. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14215-4_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-14215-4_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14214-7

  • Online ISBN: 978-3-642-14215-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation